The Private Sector, National Security and Personal Data: An Exploratory Assessment of Private Sector Involvement in Airport and Border Security in Canada
This page has been archived on the Web
Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.
Security tasks are increasingly carried out by the private sector and personal data now flow with growing frequency between different governmental and private channels in relation to international travel. This exploratory study assesses the involvement of the private sector in border and airport security in Canada. It looks at how, where, and what types of information are collected and stored, who collects it, and with whom this information is shared. Recent trends and possible directions of future development related to these processes of information gathering are identified, and the subsequent impacts on privacy are discussed.
Besides the mandatory collection of Advance Passenger Information (API) and Personal Name Record (PNR) information for individual travellers, “voluntary” trusted traveller and trader programs also collect personal data. The expansion in the numbers of these programs and the sharing of data across borders means that “volunteerism” in itself is no longer a safeguard, and the OPC should look again at privacy in these programs.
PIPEDA remains the primary act for safeguarding personal data where there is private-sector involvement but the storage of passenger information data outside of Canada - much of it in the US, as is the case with API/PNR data – entails little privacy protection for Canadians. Significant concerns in information relationships with the USA and US companies include a relative lack of accountability, the outsourcing to private companies of data transferred to the US, the potentially lucrative commercial value of the data, and the exemptions many state and private organisations involved in US Homeland Security enjoy even from US privacy law. The new Perimeter Security Agreement (PSA) threatens to intensify these concerns and undermine Canadian expectations of privacy at the border. Enforceability of PIPEDA would appear to depend on either a coincidence of economic interests of particular corporations with those of Canadian law, or mutual agreement with other jurisdictions.
This document is available in the following language(s):
OPC Funded Project
This project received funding support through the Office of the Privacy Commissioner of Canada’s Contributions Program. The opinions expressed in the summary and report(s) are those of the authors and do not necessarily reflect those of the Office of the Privacy Commissioner of Canada. Summaries have been provided by the project authors. Please note that the projects appear in their language of origin.
- Date modified: